3 Answers
3

First and foremost, the pineapple demonstrates the concept of a rogue AP, as that is essentially what it is.

Every wireless card that has been configured to automatically connect to a previously known network will get connected to the pineapple. This is a hardware implementation of the karma attack.

Once connected, the pineapple becomes a powerful tool for conducting MITM attacks, coming with a good range of tools built in.

The pineapple can also be extended using modules that provide functionality like sslstrip, tcpdump and nmap.

Mitigation techniques that apply to standard MITM attacks also apply to guarding against the pineapple. One very interesting technique that is pineapple specific is to set a network with a name like pineapple as the SSID as the priority trusted network. If your card connects to that network, it means you have fallen prey to the pineapple. I read about it in a blog post about the pineapple, but I can't find it now.
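The decoy-network check described in the answer above, as an added example that is not part of the original answer. It goes one step further and also flags any BSSID that answers for the decoy name or for an unusually large number of SSIDs in a scan. The decoy name, the threshold, the `bssid,ssid` input format and the sample rows are all assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

CANARY_SSID = "pineapple-canary"  # assumed name of the saved decoy network
MAX_SSIDS_PER_BSSID = 2           # assumed threshold for one radio address

# Constructed sample: one "bssid,ssid" row per beacon or probe response seen.
SAMPLE_SCAN = """\
aa:bb:cc:00:00:01,CoffeeShop
aa:bb:cc:00:00:02,HomeNet
02:00:00:de:ad:01,HomeNet
02:00:00:de:ad:01,AirportFree
02:00:00:de:ad:01,pineapple-canary
02:00:00:de:ad:01,CorpGuest
"""


def parse_scan(text):
    """Group the SSIDs observed in the scan by the BSSID that advertised them."""
    ssids_by_bssid = defaultdict(set)
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 2:
            continue  # skip blank or malformed rows
        ssids_by_bssid[row[0].strip().lower()].add(row[1].strip())
    return ssids_by_bssid


def suspicious_bssids(text, canary=CANARY_SSID, max_ssids=MAX_SSIDS_PER_BSSID):
    """Return {bssid: [reasons]} for access points that behave like a karma AP."""
    findings = {}
    for bssid, ssids in parse_scan(text).items():
        reasons = []
        if canary in ssids:
            # No real access point should ever answer for the decoy name.
            reasons.append("answers for canary SSID")
        if len(ssids) > max_ssids:
            reasons.append(f"answers for {len(ssids)} SSIDs")
        if reasons:
            findings[bssid] = reasons
    return findings


def associated_to_canary(current_ssid, canary=CANARY_SSID):
    """The check from the answer: being joined to the decoy means a rogue AP."""
    return current_ssid is not None and current_ssid == canary
```

Feed `associated_to_canary` the SSID reported by the operating system's Wi-Fi status command, and `suspicious_bssids` the export of whatever scanner is in use, converted to the two-column form.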

You set up your pineapple at a crowded swim meet. Every parent in the place checks for wireless. They see yours and it is named DHSPublicWifi and it has 5 bars. They ignore the other choices and connect to yours.

One parent tries to go to Facebook. Facebook is set to use https so "sidejacking" attacks are not an option, but their OS sends out a DNS request to find the proper IP address for Facebook. Your Pineapple intercepts DNS requests and gives them back a fake IP that will bring their browser to a malicious site that looks like an exact copy of Facebook, even has the proper URL for Facebook displayed in the browser. They don't notice that they are not https in this session. They attempt to log in and either your Pineapple or the malicious site now has their Facebook credentials. The Pineapple can either forward them to the real Facebook, or disown the entire affair.

If you would like to demonstrate the need for DNSSEC to your colleagues, that is what you could show them.